Also, check your footer.php, it looks like that is where the code is showing up.
I have not seen this one before. Check the header.php in your theme editor. If it’s not there try the functions.php.
I would be very interested to see the infected file if you find it. If you cannot find it I would be willing to look for it myself if you are willing to send me your wp-admin login.
Eugene, This is not a relevant topic to post your request, and I don’t see the “enclosed Paypal receipt”. Can you please email that info directly to me: eli AT gotmls DOT net
Each key is matched to a single site, but if you register the other site with the same email address then they will both by under the same account.
Just Check the box for Automatic Updates and click Save. Then you will have the Core Files definitions available.
There are no false positives in the Core File Changes scan. The contents of that file has certainly been altered from it’s original form. You or your developers may have modified that file and a Core File Change does not necessarily mean that it was modified maliciously, but it is unwise to modify WP Core Files and your theme changes should never effect the Core Files. You can click on this listing in my plugin’s results to see the contents and click on the [1] to see what lines have been modified. If you made these changes yourself then you can decide to keep the changes but I would recommend restoring the original file.
I’m sorry but this feature is not ready yet. There is currently no way to schedule a scan. However, I am working on a solution for this and I hope to have something available for testing by the end of the year.
Thanks for sending me your login. So it turns out it was a POST size limitation in your php.ini settings. I was able to use the automatic update method which you normally have to donate to unlock, but you could also talk to your hosting provider about increasing the post size limit on your server. You should be good to go from now on as you will only need incremental updates which are not as big as the initial update was.
Aloha, Eli
So, I think it’s all working now. Have you had a chance to try out the new version 4.15.45 of my plugin that I just released?
1. I have release a new plugin update that fixes that issue with the nonce tokens. Please download version 4.15.45 and let me know if you have any more problems.
2. Typically the default setting of -1 is best but if your scans are getting stuck part way through then you can try a small positive number like 4 or 6.
I just released an update to fix this. Please download the new version 4.15.44 and let me know if that works.
I replied directly to your posted question this morning.
This error is indicating that there was a 500 error response from the admin-ajax.php on the login page.
You can disable the login security by removing the first line of code that was added to your wp-config.php file.
You should also check the error_log files on your server to see what this 500 error is about.
If you want me to help you fix this directly you can email me with your FTP login and I’ll do it for you.
I just release me new version 4.15.43 which has the Quick Scan option for Core Files.
Please try it out and let me know what you think.
That is the manual update method. I don’t know what is blocking the update on your site but I’m sure the Automatic Update method will work for you.
If you are willing to send me your wp-admin login I will take a look at why you cannot save the updates.
So That means that it was probably a Core File that was infected. I will add a Quick Scan for the Core Files in the next release of my plugin so that kind of infection can be found more easily.
